Articles

The National Security and Defence Council of Ukraine stated about the DDoS attacks on the Ukrainian websites of the security and defence sector, the addresses belonging to certain Russian traffic networks.

Starting from February 18, this year, the National Coordination Center for Cybersecurity at the NSDC of Ukraine records massive DDoS attacks on the Ukrainian segment of the Internet, mainly on the websites of the security and defence sector. It was revealed that addresses belonging to certain Russian traffic networks were the source of these coordinated attacks.

During the response and analysis, it was found that the attackers used a new mechanism of cyberattacks, which had not been observed before.

“In such a way, during an attack, vulnerable government web servers are infected with a virus that covertly makes them part of a botnet used for DDoS attacks on other resources. At the same time, security systems of Internet providers identify compromised web servers as a source of attacks and begin to block their work by automatically blacklisting them. Thus, even after the end of the DDoS phase, the attacked websites remain inaccessible to users,” this was stated at the NSDC of Ukraine.

The National Coordination Center for Cybersecurity experts are ready to provide consultations and technical assistance to detect and respond to this type of cyberattack. In case of detecting the compromised websites, DDoS-attacks, please notify the National Coordination Center for Cybersecurity ([email protected]) immediately.